AWS VPC: Virtual Private Cloud
A VPC is a virtual network that you create in the cloud. It gives you your own logically isolated section of the AWS cloud. Within this VPC, you can create and manage various resources, such as servers, databases, and storage.
VPC components
Virtual private clouds (VPC)
- VPC is a virtual network that closely resembles a traditional network that you'd operate in your own data center. After you create a VPC, you can add subnets.
Subnets
- A subnet is a range of IP addresses in your VPC. A subnet must reside in a single Availability Zone. After you add subnets, you can deploy AWS resources in your VPC.
IP addressing
- You can assign IP addresses, both IPv4 and IPv6, to your VPCs and subnets.
Security Group
A security group acts as a virtual firewall for instances within a VPC. It controls inbound and outbound traffic at the instance level. Security groups allow you to define rules that permit or restrict traffic based on protocols, ports, and IP addresses.
Network Access Control List (NACL)
- A Network Access Control List is a stateless firewall that controls inbound and outbound traffic at the subnet level. It operates at the IP address level and can allow or deny traffic based on rules that you define.
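The practical difference between the security group and the stateless NACL described above, modelled as an added example (not code from the original post, and not AWS code). It goes slightly beyond the text by assuming standard AWS behaviour: NACL rules are evaluated in ascending rule-number order with an implicit final deny, security groups are stateful, and clients use ephemeral source ports in 1024-65535. All rules and addresses are constructed.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    number: int          # NACL rule number; ignored for security groups
    cidr: str            # peer address range
    ports: range         # TCP port range (protocol is fixed to TCP in this model)
    allow: bool = True

def nacl_allows(rules, peer_ip, port):
    """Stateless NACL: the lowest-numbered matching rule decides, else implicit deny."""
    peer = ipaddress.ip_address(peer_ip)
    for rule in sorted(rules, key=lambda r: r.number):
        if peer in ipaddress.ip_network(rule.cidr) and port in rule.ports:
            return rule.allow
    return False

def nacl_request_ok(inbound, outbound, client_ip, client_port, server_port):
    """The request must pass the inbound rules AND the reply must pass the outbound rules."""
    return (nacl_allows(inbound, client_ip, server_port)
            and nacl_allows(outbound, client_ip, client_port))

def sg_request_ok(inbound, client_ip, server_port):
    """Stateful security group: replies to an allowed inbound flow pass automatically."""
    peer = ipaddress.ip_address(client_ip)
    return any(peer in ipaddress.ip_network(r.cidr) and server_port in r.ports
               for r in inbound)

# Constructed sample rules (documentation address ranges, not from the page).
ANY = "0.0.0.0/0"
HTTPS = range(443, 444)
EPHEMERAL = range(1024, 65536)

INBOUND = [Rule(100, ANY, HTTPS)]
OUT_NO_RETURN = [Rule(100, ANY, HTTPS)]        # forgets the reply path
OUT_WITH_RETURN = [Rule(100, ANY, EPHEMERAL)]  # replies to client source ports
INBOUND_BLOCKLIST = [Rule(90, "203.0.113.0/24", HTTPS, allow=False)] + INBOUND

if __name__ == "__main__":
    ip, sport = "198.51.100.7", 51514
    print("SG, inbound 443 only:         ", sg_request_ok(INBOUND, ip, 443))
    print("NACL, no outbound return rule:", nacl_request_ok(INBOUND, OUT_NO_RETURN, ip, sport, 443))
    print("NACL, ephemeral return rule:  ", nacl_request_ok(INBOUND, OUT_WITH_RETURN, ip, sport, 443))
    print("NACL, deny rule 90 for peer:  ",
          nacl_request_ok(INBOUND_BLOCKLIST, OUT_WITH_RETURN, "203.0.113.9", sport, 443))
```

The second case is the usual NACL misconfiguration: the inbound allow looks correct, but connections hang because the reply to the client's source port has no matching outbound rule.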
Network Address Translation (NAT)
- A service that allows private IP networks to use the internet by translating private IP addresses to public IP addresses.
Routing
- Use route tables to determine where network traffic from your subnet or gateway is directed.
Gateways and endpoints
A gateway connects your VPC to another network. For example, use an internet gateway to connect your VPC to the internet.
Use a VPC endpoint to connect to AWS services privately, without the use of an internet gateway or NAT device.
Peering connections
- Use a VPC peering connection to route traffic between the resources in two VPCs.
Transit gateways
- Use a transit gateway, which acts as a central hub, to route traffic between your VPCs, VPN connections, and AWS Direct Connect connections.
VPC Flow Logs
- A flow log captures information about the IP traffic going to and from network interfaces in your VPC.
VPN connections
- Connect your VPCs to your on-premises networks using AWS Virtual Private Network (AWS VPN).
Bastion Host in VPC
A bastion host is an instance that acts as a secure gateway to control access to a private network from an external network. It resides in a public subnet within the VPC, acting as an intermediary between external traffic and the private network.
Feel free to share and spread the knowledge! Enjoy Learning!
Written by
KALPESH MOHANTA